From: Eugene Leitl (eugene.leitl@lrz.uni-muenchen.de)
Date: Tue Aug 17 1999 - 11:46:54 MDT
Bryan Moss writes:
> I have an idea to get all 5 of those (potential) undiscovered Mersenne
> primes and the $100K prize in maybe a year or less. We'll use the CPU
> cycles of internet users without asking them. GIMPS-like software will be
> hidden in a novelty e-mail attachment; while the recipient is laughing at
> the sight of Kermit the Frog getting a blow job the software will install
> itself on their computer. As long as the software can 'get out of the way'
Why going at such great lengths? There are enough holes in network
protocol stacks and applications to make possible its propagation to
be purely automatic. Since constituting the bulk of all installations,
one can essentially concentrate on x86/Win95/98/2000/NT ("Wintel")
machines, which makes the task of finding buffer overruns quite easy
(a small exploit library will suffice for starters). Each infected
machine would occasionally ping a random IP address, trying to infect
another target.
If we would have found an x86 machine code mutator function before
(Koza's 1000 node Beowulf would be the ideal substrate for this) and
add a GA buffer overrun seeker module such a software would be very
hard to kill indeed, because it would mutate faster than patch
distribution. Trying to infect routers and switches is another good
idea.
Once good JIT Java is good enough we can consider mutating Java VM
instructions.
The earlier such worm software gets developed (its advent is
essentially inevitable) the less disruptive the effects will
be. Better tomorrow than a decade downstream, definitely. The IT
landscape could use a great deal more resilience and diversity, the
current Wintel monoculture is definitely asking for trouble.
It would be interesting to speculate if such software ecology
subjected to selection pressures (people and software search&destroy)
could even become sentient/transcend. There is certainly enough code
and knowledge out there on the Net. Two decades from now both the
networking and crunch could be adequate.
> when the computer is being used, and doesn't have to tranfer too much data,
> it should remain undetected. The only downside I can see is that we'd need
> a server to collect results and some people, if they found out, might
> object. But I would estimate that the amount of people who trade and run
> these novelty attachments is far in excess of the number of GIMPS members,
> and that the total CPU power would be much higher (you'd have virtually the
> whole of AOL for instance). Also, people who do trade these files aren't
> likely to use a lot of CPU cycles (except for games, maybe) but (ironically)
> are likely to have fast CPUs. The same software could also be spread by
> other means (using loopholes in Outlook, IE, Windows, AOL, et cetera),
> although having them inside an executable might make for a better legal case
> (if you had the user sign a disclaimer to install the software 99.99% would
> say "yes" without reading it).
This archive was generated by hypermail 2.1.5 : Fri Nov 01 2002 - 15:04:47 MST